Bypassing AMSI when using Assembly.Load.
Using the Domain Name System as a Command & Control mechanism.
Tunneling C2 messages in ICMP traffic.